Early warning

Operational requirements: Learning prevention, security hardening

I. Product Model
H3C Uniserver R4950 G5 Milan, R5500 G5 Milan;
H3C Uniserver R3950 G6 Genoa, R4950 G6 Genoa, R5350 G6 Genoa, R5500 G6 Genoa;
H3C Uniserver R3950 G7 Genoa&Turin, R3350 G7 Genoa&Turin, R4950 G7 Genoa&Turin, R5350 G7 Genoa&Turin, R5350 ultra G7 Genoa&Turin, R3750 G7 Genoa&Turin.
BIOS (Milan): All versions prior to and including M50-BIOS-5.72
BIOS (Genoa): All versions prior to and including M50-BIOS-6.30.43
BIOS (Turin): All versions prior to and including M50-BIOS-7.30.12
A potential security vulnerability has been discovered in servers equipped with AMD CPUs. It can be exploited locally to compromise system integrity. Improper access control within AMD CPUs may allow an attacker with administrator privileges to modify CPU pipeline configuration, leading to stack pointer corruption inside SEV-SNP guests. For more information about this vulnerability, please refer to the AMD Security Bulletin: AMD-SN-3027 SEV-SNP Guest Stack Pointer Corruption Vulnerability.
The issue is caused by insufficient access control, which may allow the hypervisor to bypass restrictions and set internal configuration bits. A malicious hypervisor could use this to manipulate CPU pipeline configuration, which in turn leads to stack pointer corruption inside SEV-SNP guests running in a Simultaneous Multithreading (SMT) environment. AMD has released mitigation measures for this vulnerability.

| Platform | Fix PI | Version |
|---|---|---|
| G5 Milan | MilanPI 1.0.0.J | 5.73 and later |
| G6 & G7 Genoa | GenoaPI 1.0.0.G + Patch5 | 6.30.44 and later |
| G7 Turin | TurinPI 1.0.0.6 | 7.30.13 and later |
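
The following is an added example, not part of the original advisory or any H3C tooling: a small inventory check that flags servers whose BIOS version is below the fixed version listed above. It assumes the inventory records the CPU generation (Milan, Genoa or Turin) and that BIOS versions compare numerically component by component; the hostnames and sample rows are constructed.

```python
import re

# Minimum fixed BIOS version per CPU generation, from the fix table in this advisory.
FIXED = {
    "milan": (5, 73),
    "genoa": (6, 30, 44),
    "turin": (7, 30, 13),
}

# Accepts "M50-BIOS-6.30.43" as well as a bare "6.30.43".
_VERSION_RE = re.compile(r"(?:M50-BIOS-)?(\d+(?:\.\d+)+)$", re.IGNORECASE)


def parse_bios_version(text):
    """Return the version as a tuple of ints, or None if it cannot be parsed."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        return None
    return tuple(int(p) for p in m.group(1).split("."))


def classify(platform, bios_version):
    """Return 'fixed', 'affected' or 'unknown' for one server."""
    fixed = FIXED.get(platform.strip().lower())
    version = parse_bios_version(bios_version)
    if fixed is None or version is None:
        return "unknown"  # do not guess: surface the row for manual review
    # Pad to equal length so 5.73 and 5.73.0 compare as equal.
    width = max(len(fixed), len(version))
    pad = lambda v: v + (0,) * (width - len(v))
    # Numeric comparison: as strings, "6.30.9" would sort above "6.30.44".
    return "fixed" if pad(version) >= pad(fixed) else "affected"


def audit(inventory):
    """Map hostname -> status for an iterable of (host, platform, bios) rows."""
    return {host: classify(platform, bios) for host, platform, bios in inventory}


# Constructed sample inventory (hostnames and rows are invented for illustration).
SAMPLE = [
    ("srv-a", "Milan", "M50-BIOS-5.72"),
    ("srv-b", "Milan", "M50-BIOS-5.73"),
    ("srv-c", "Genoa", "6.30.9"),
    ("srv-d", "Genoa", "M50-BIOS-6.30.44"),
    ("srv-e", "Turin", "M50-BIOS-7.30.12"),
    ("srv-f", "Turin", "unknown"),
]
```

Rows reported as `unknown` have an unrecognised platform or an unparseable version string and should be checked by hand rather than assumed patched.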